1. Field of the Invention
The present invention relates to the field of wireless networks.
2. Discussion of Related Art At present, there is no single wireless network technology that can provide best services, such as low latency, broadband service and maintaining QoS performance. Overlay access networks that provide various services can be used to overcome this problem. Examples of such overlay access networks are described in the following references: 1) G. Wu, P. J. M. Havinga, and M. Mizuno, “Wireless Internet over heterogeneous wireless networks,” IEEE GLOBECOM'01, IPS03–4, Austin, November 2001 and “MIRAI architecture for heterogeneous network,” IEEE Commun. Mag. vol. 40, no. 2, pp. 126–134, February 2002., 2) M. Stemm and R. H.
Katz, “Vertical handoffs in wireless overlay networks,” Mobile Networks and Applications, vol. 3, no. 3, pp. 335–350, 1998 and 3) P. Pangalos et al., “End-to-end SIP based real time application adaptation during unplanned vertical handovers,” IEEE GLOBECOM'01, WCS13–5, Austin, November 2001.
In the above-identified wireless overlay access networks, a hierarchical coverage area structure from small to large is considered as a heterogeneous access network. A heterogeneous access network includes different radio access networks (RANs). Three well-known models of organizing heterogeneous access networks that include two RANS, designated as network X and network Y, are illustrated in FIGS. 1A–C. In the model, also known as a tunneled network, shown in FIG. 1A, two independent RANs, X and Y, are connected to the internet 100 and a mobile host or terminal 310, such as a cell phone, a lap top computer or a PDA. Each of the RANs includes a L2/L1 layer, 102, 102′, a network layer, 104, 104′, and a transport layer 106, 106′. In such a model, a user has a service agreement with several RANs operators independently, such as RANs X and Y. The optimal network, X or Y, for a requested service cannot be selected automatically by the mobile host, so the access network selected by the user has to be used for the requested service. If the mobile host handoffs from one access network to another access network, the mobility or handoff between network X and network Y will be handled at relatively high network layers or the connection is either terminated or re-established.
A second example of a heterogeneous access network model is schematically shown in FIG. 1B. In this “hybrid network” model, a single hybrid core 108 interfaces directly between the RANs X and Y and the Internet so as to facilitate the handoff between RAN X and RAN Y.
The RANs X and Y implement their respective network layers 104, 104′ and lower layers L2/L1 102, 102′. An example of such a “hybrid network” model is described in the reference R. Walsh, L. Xu, and T. Paila, “Hybrid networks—a step beyond 3G,” Third international symposium on wireless personal multimedia communications (WPMC'00), pp.109–114, Bangkok, November 2000.
One advantage of the “hybrid network” model is the reduction of function duplication between the two RANs X and Y. Another advantage of the “hybrid network” model is that it does not require that a single network be designed so as to optimize all existing and future services. Instead, it is possible to use a combination of several bearer networks, each of which is optimized for some particular services. Note that the selection of the most suitable bearer network is based on several things including available bandwidth, service classification (e.g. streaming video or Internet browsing) and network operator contract policies. Basically, each service is delivered via the network that is most efficient to support the service. For instance, mobile phone is used for voice communication and a wireless LAN is used for data communication. One drawback of such a “hybrid network” is that a coordination function mechanism is necessary to combine several bearer networks.
A third example of a known heterogeneous access network model is schematically shown in FIG. 1C. In this “heterogeneous network” model, a single common core 110 interfaces directly between the lower layers 102, 102′ of the RANs X and Y and the Internet. The common core 110 includes a handoff mechanism (mobility management) and radio resource management that bring all core network functionality together and operates as a single network. The lower layers 102, 102′ of the RANs X, Y handle only specific radio access technology and so, in general, the wireless access radio incorporates the PHY and DLC (layer 2). An example of such a “heterogeneous network” model is described in the reference G. Wu, P. J. M. Havinga, and M. Mizuno, “Wireless Internet over heterogeneous wireless networks,” IEEE GLOBECOM'01, IPS03–4, Austin, November 2001 and “MIAAI architecture for heterogeneous network,” IEEE Commun. Mag. vol. 40, no 2, pp 126–134, February 2002.
Another known network architecture is the so-called Virtual Private Network (VPN). VPNs have gained great popularity over the last few years in the business environment because they provide a very cost effective solution to securely accessing corporate intranets over the public Internet. See S. Kent and R. Atkinson, “Security architecture for the Internet protocol,” IETF RFC htt://vww.ietf.org/rfc/rfc2401.txt. In the future it will be very important to provide VPN functionality to businesses in a heterogeneous mobile environment. The issue is not just how to support the VPN functionality in a heterogeneous environment but also how to support seamless mobility of applications and services using the VPNs. If it is desired to use VPN in the heterogeneous access networks, FIG. 2 schematically shows a way to establish VPN. In particular, the VPN 208 of FIG. 2 is established between the company intranet 210 and current access network 206. Another VPN is established between the company intranet 210 and a target access network 212. As shown in FIG. 2, a VPN network architecture 200 includes a mobile terminal, such as a cell phone or a lap top computer 310 which is currently in communication with an access network 204. The access network 204 is in communication, via gateway 206, with a VPN 208 that is in communication with a company intranet 210. The company intranet 210 includes contents service providers and will not restrict any entity that desires to establish a VPN. Similarly, a second access network 212 is in communication, via gateway 208, with a VPN 214 that is also in communication with the company intranet 210.
The mobile terminal alters communication from the current access network 204 to the target access network 212 by renegotiating and reestablishing the VPN 214 between the company intranet 210 and the target access network 212. VPN 214 re-establishment is shown in FIG. 2. VPN 214 is re-established when the mobile terminal moves to the target access network 212. In addition, the user needs to have VPN service agreements with different access networks in order to use the VPN.
One prior attempt to overcome the deficiencies of the VPN network architecture 200 is shown in FIG. 3. In this system, a hyper operator overlay (HOO) network architecture 300 is employed that combines different access networks to provide most suitable access network to each available service. As shown in FIG. 3, the HOO network 300 includes different access networks 302A–D, service providers 304A–B and a hyper operator 406. The hyper operator 406 works to coordinate different access networks and service providers 304A–B (such as, yahoo.com) including private intranets (e.g. company intranet 210) in order to have seamless communications.
The mobile device, such as a cell phone, PDA or a lap top computer 310, supports different access network technologies such as WLAN, mobile phone, Bluetooth, ADSL, etc. Currently, the software defined radio is a component within the mobile device 310 that applies software to adapt the mobile device 310 to support different radio access technologies with one network interface card (NIC). Instead of having several service agreements with different access networks 302 and service providers 304, a user using the mobile device will only need to have a single service agreement with the hyper operator 406. Because of a service contract with the hyper operator 406, the user can gain access to different access networks 302 by the mobile device without establishing new service contracts.
The HOO network 300 does not require modifications to existing access networks. HOO can work as a broker or a bridge between different access networks and service providers, and can coordinate service offered by different access networks and service providers. However, access networks 302 and service providers 304 will often duplicate the same functions, such as authentication. Accordingly, all data transactions involve multiple round trips across the Internet, that results in an increase in the network load and service latency. One proposed solution to this problem is for the basic access network (BAN) to provide a common control/signaling channel for all mobile terminal access. See G. Wu, P. J. M. Havinga, and M. Mizuno, “Wireless Internet over heterogeneous wireless networks,” IEEE GLOBECOM'01, IPS03–4, Austin, November 2001 and “MIRAI architecture for heterogeneous network,” IEEE Commun. Mag. vol. 40, no 2, pp 126–134, February 2002. Unfortunately, the BAN only supports the access system and probably the handoff signaling may be supported but the connection over the network is out of their scope. In addition, BAN requires current access network modification so that the current access operator may not join this architecture without an infrastructure investment.
Another disadvantage of the HOO network 300 presents itself when contemplating the connection in the vertical handoff, which is the handoff between different access networks. In this connection, the authentication and VPN (virtual private network) 314 established in the internet 320 is renegotiated with the gateway 316 of the target access network, then the authentication request will be sent to the same company intranet 210. This duplication of authentication happens whenever the mobile terminal moves to a different one of the access networks 302A–D. Although the user is already authenticated at the previous VPN establishment, a new VPN will require another authentication again to establish VPN. Note that one or more of the access networks 302A–D are in communication with a mobile terminal 310 and the like and several scheme such as L2TP and L2F (both layer 2 level VPN), IPsec (layer 3 level VPN) can help to establish VPN 314 mentioned above.